This guide is about security, not privacy.
Additionally, security measures that heavily compromise usability were not included.
This guide aims to produce above-average secure systems, without giving up features.
Last updated for macOS Ventura (13.3).
Source: Hardening macOS, an article by Ricard Bejarano.
In the past few days, there have been uncertainties and concerns about the LUKS (“Linux Unified Key Setup”) disk encryption, which is widely used on Linux. We publish our assessment of this here.
Let’s face it: learning is hard. When I get a new job, I have to learn all about the new product, how it runs, and what I can do to help contribute. For myself, this is not an issue: I am an experienced software engineer. Unravelling balls of yarn that make complex software stacks function is what I do for a living. In this post, I’m going to go over some of the ways that software projects handle implicit complexity and how most of the tools that I have used in this space have not really solved any problems. If you aren’t interested in the history lesson, you can skip to the end to read about the specific tools I use to reduce installation steps to
cd project-name && devenv up.
Source: Frictionless developer environments: Simplify and add lightness, an article by Andrew Coleman.
In the morning I finished All That Remains, Scarpetta 3, by Patricia Cornwell. I liked this book more than the previous two. I even bought the Dutch translation for Esme so she can practice her Dutch.
I recently tooted about my hatred of website hamburger menus which was met with a surprising amount of support from other users. It seems like most people don't actually like hamburger menus. So why do we, as developers, keep using them in our products and designs? Is it our only option? Or is it because we have become conditioned to expect it?
Source: Stop Using Hamburger Menus, an article by Bradley Taunt.
You’re on a new version of Linux, you try a
pip install, and it errors out, talking about “externally managed environments” and “PEP 668”. What’s going on? How do you solve this?
Source: “Externally managed environments”: when PEP 668 breaks pip, an article by Itamar Turner-Trauring.
A charming thief and a band of unlikely adventurers embark on an epic quest to retrieve a lost relic, but things go dangerously awry when they run afoul of the wrong people.
In the evening Esme and I watched Dungeons & Dragons: Honor Among Thieves. I liked the movie and give it an 8 out of 10.
In the evening I started in Lords of Uncreation, The Final Architecture Book 3 by Adrian Tchaikovsky.
Okay, you probably shouldn’t store passwords in plaintext, but I’ve met a few who do. They don’t store their own passwords in plaintext and they use a password manager for those things, but they don’t hesitate to store credentials at work in plaintext.
Huh? That’s obviously horrible. What gives?
I recently struggled to build an x86_64 container for a web app written in Rust from my Mac Silicon. I eventually figured out a working solution that also heavily reduced the size of the container image. In this article, I will walk you through this solution!
Source: Building x86 Rust containers from Mac Silicon, an article by Luciano Mammino.
If you prefer to start on a «clean slate», rather than migrate potential old garbage, on your new & smoothly running Mac, you’re like me. And I have something for you: a scripted macOS User setup and App installations!
Source: macOS Scripted Setup – say Goodbye to manual User settings & App installs.
The Guardians struggle to keep together as a team while dealing with their personal family issues, notably Star-Lord's encounter with his father, the ambitious celestial being Ego.
In the evening Esme and I watched Guardians of the Galaxy Vol. 2. I liked the movie and give it a 7 out of 10.
A port of the free software TianoCore UEFI firmware can be used instead of the proprietary boot blob to boot the Raspberry Pi. This allows to install Debian on the RPi with the standard Debian Installer, and it also makes it possible to use UEFI Secure Boot. Note that Secure Boot had been broken on arm64 for a while, but it’s now working in Bookworm!.
Source: UEFI Secure Boot on the Raspberry Pi, an article by Emanuele Rocca.
The async working group's headline goal for 2023 is to stabilize a "minimum viable product" (MVP) version of async functions in traits. We are currently targeting Rust 1.74 for stabilization. This post lays out the features we plan to ship and the status of each one.
Source: Stabilizing async fn in traits in 2023, an article by Niko Matsakis and Tyler Mandry.
Different from many other database systems, PostgreSQL does not support query hints. That makes it difficult to force the hand of the query planner when it comes to a certain join order that you know to be good. This article explains how you can influence execution plans in PostgreSQL.
Source: Join order: how to force it in PostgreSQL, an article by Laurenz Albe.
Recently I was doing some small modifications to my site, when I rediscovered the hamburger menu I made for it. It is not very special, just a menu that, once you go into a small resolution, it will compress itself into a hidden vertical menu that you can show or hide by pushing a button. The interesting part of it is that it is made only using HTML and CSS.
Source: How to make a CSS-only hamburger menu, an article by Alberto de Murga.
Welcome to the world of identifiers! Whether you're a developer working on a new project, a database administrator looking to optimize your system, or simply someone curious about the different types of identifiers, this guide has you covered.
Source: Ultimate Guide to Identifiers, an article by Łukasz Kużyński.
Docker is a great tool for building and running containerized applications, but it is not the best solution for running services on Linux. In this post, I will explain why I prefer using systemd units over Docker containers for running services on Linux, based on three criteria: simplicity, integration, and reliability.
Source: Systemd Units vs Docker Containers - Why I Choose the Former for Running Services, an article by John L. Carveth.
Flake8 and PyLint are commonly used, and very useful, linting tools: they can help you find potential bugs and other problems with your code, aka “lints”. But they can also be slow. And even if they’re fast on your computer, they may still be slow in your CI system (GitHub Actions, GitLab, or whatever else.)
Happily, there’s a new linter available, Ruff, which is much faster. And it supports many of the same lints, including those from many of Flake8’s plugins.
In this article we’ll get a sense of why Ruff’s extra linting speed is so useful compared to the alternatives.
Source: Goodbye to Flake8 and PyLint: faster linting with Ruff, an article by Itamar Turner-Trauring.
Python is known to come with "batteries included", thanks to its very extensive standard library, which includes many modules and functions that you would not expect to be there. However, there are many more "essential" Python libraries out there that you should know about and be using in all of your Python projects, and here's the list.
Source: Python's Missing Batteries: Essential Libraries You're Missing Out On, an article by Martin Heinz.
Error handling is a fundamental aspect of programming. Unless you are writing “hello world”, you will need to handle errors in your code. In this post, I will discuss a bit the most common approaches used by various programming languages.
Source: Error handling patterns, an article by Andrea Bergia.
The major compilers have an enormous number of knobs. Most are highly specialized, but others are generally useful even if uncommon. For warnings, the venerable -Wall -Wextra is a good start, but circumstances improve by tweaking this warning set. This article covers high-hitting development-time options in GCC, Clang, and MSVC that ought to get more consideration.
There’s an irony that the more you use these options, the less useful they become. Given a reasonable workflow, they are a harsh mistress in a fast, tight feedback loop quickly breaking the habits that cause warnings and errors. It’s a kind of self-improvement, where eventually most findings will be false positives. With heuristics internalized, you will be able spot the same issues just reading code — a handy skill during code review.
Source: My favorite C compiler flags during development, an article by Chris Wellons.
In math class you’ve done algebra, with addition and multiplication and exponentiation and polynomials like
1 + x + x². And while programming, you’ve worked withenums andstructs and functions and lists. You probably thought these things were unrelated.Surprise! They’re deeply related, and by the end of this post you’ll see how to use algebra to refactor your data types. The crowning example in this post will be finding an equivalent representation of red-black trees.
Source: Algebra and Data Types, an article by Justin Pombrio.
Docker has become an immensely popular tool in the world of software development, and for good reason. It provides an excellent way to create, manage, and deploy containers, which in turn enables developers to run applications that work the same way in development and production. However, creating Docker images can sometimes be a pain, as anybody who has accidentally broken the apt cache and triggered an hours-long build by making a minor change can tell you.
Source: Move Over, Dockerfiles! The New Way to Craft Containers, an article by Jason Hall and Zachary Newman.